Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/VAtoZTr9RXcha4MSzOefp0j9E40.roa
File: VAtoZTr9RXcha4MSzOefp0j9E40.roa (raw, json)
Hash identifier: 78qUFweHoVjjAJAGfvxe9IkSNDl5D2O3DuVfKrv1+eY=
Subject key identifier: 54:0B:68:65:3A:FD:45:77:21:6B:83:12:CC:E7:9F:A7:48:FD:13:8D
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01874AE946B1F61BB91CA7481AFE0B979FB7
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/VAtoZTr9RXcha4MSzOefp0j9E40.roa
Signing time: Tue 04 Apr 2023 06:16:54 +0000
ROA not before: Tue 04 Apr 2023 06:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 194.53.70.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
185.242.217.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
188.119.154.0/24 maxlen: 32
92.118.208.0/22 maxlen: 32
45.66.176.0/22 maxlen: 32
45.154.192.0/22 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
45.10.236.0/22 maxlen: 32
82.115.213.0/24 maxlen: 32
63.141.36.0/23 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4a:e9:46:b1:f6:1b:b9:1c:a7:48:1a:fe:0b:97:9f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Apr 4 06:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=540b68653afd4577216b8312cce79fa748fd138d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ed:49:fb:b7:b5:81:3e:d3:c4:9d:90:70:0a:
21:d1:64:0d:17:c2:04:2c:94:6b:fe:2f:fe:a3:07:
db:67:7f:f0:3b:af:b3:e8:7f:82:95:a1:dd:e7:30:
51:89:e7:ea:7f:55:d8:ad:7d:8a:d3:1b:cb:a1:8f:
4e:87:34:78:d1:c8:4d:9a:a7:dd:93:b3:71:00:0a:
b0:72:6c:07:e5:2b:48:9d:a6:59:85:eb:9e:1b:2a:
fa:0b:fd:34:bc:91:b4:ea:42:55:c5:b6:db:72:93:
58:f6:14:fe:0d:14:7b:2c:1d:71:89:1e:b3:05:14:
42:ba:8e:ad:65:92:35:b5:51:b5:04:50:36:d5:44:
b0:2c:d7:92:bf:a5:a1:26:c8:74:6b:ee:6f:50:3d:
f4:2b:db:63:7f:b8:8c:32:2a:67:ba:76:69:6a:c7:
23:b8:c7:70:f3:04:54:80:cc:26:c3:45:ec:47:6d:
ca:a0:db:1f:76:d1:48:8e:52:19:45:38:c7:02:ee:
73:24:f5:2b:ac:c4:73:d4:7a:32:4e:d1:6f:a7:d3:
ed:83:3e:84:e8:0a:ac:68:c5:73:db:28:03:57:77:
54:a9:a2:d8:30:41:b7:db:a0:6f:a9:8a:47:04:38:
7d:ea:db:07:3c:75:a5:cd:64:0c:32:ec:ad:d5:00:
0c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0B:68:65:3A:FD:45:77:21:6B:83:12:CC:E7:9F:A7:48:FD:13:8D
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/VAtoZTr9RXcha4MSzOefp0j9E40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.236.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
82.115.213.0/24
92.118.208.0/22
139.28.120.0/22
185.36.254.0/24
185.223.248.0/22
185.242.217.0/24
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
Signature Algorithm: sha256WithRSAEncryption
3c:26:f0:ef:38:41:8b:68:b4:a1:de:47:96:b0:36:c6:72:5a:
96:ef:42:c7:e0:4d:83:da:6e:34:af:b4:fb:b3:25:d4:f5:79:
46:3f:40:99:15:d8:bb:30:e9:18:99:e2:d3:e0:4a:ab:4a:01:
9f:7a:29:13:31:ce:20:27:2b:d0:b9:cd:d9:1e:68:e3:f9:6e:
e3:bd:bc:3e:04:26:c6:c9:73:74:aa:88:c0:c8:9a:ed:5b:90:
7d:3c:32:8b:85:6f:ef:ba:fc:54:97:59:42:8a:93:88:9c:f3:
02:2d:b1:61:79:44:7a:73:7e:58:55:e0:67:d6:4f:3c:8f:cd:
9b:31:41:87:44:cb:5e:d1:2e:de:04:9e:e1:50:c5:a5:ad:a9:
11:cb:c4:ab:40:19:d8:ef:2d:97:17:71:08:ad:f4:bb:d3:4e:
8b:3d:a3:5a:17:8f:2e:cf:ba:cd:70:97:21:f1:5d:87:18:6f:
28:f8:06:cc:e6:08:6b:b1:2c:a4:10:16:bc:fb:a7:de:19:45:
bb:2c:07:2c:49:7d:9a:86:eb:27:3a:ae:80:43:8e:28:2d:25:
90:78:ec:8e:25:28:b1:db:f2:3f:eb:0c:9b:1a:c8:3d:4f:e7:
38:96:c2:e7:6a:d2:38:67:26:f9:50:29:00:8b:98:ff:c5:5c:
16:50:3f:b9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYdK6Uax9hu5HKdIGv4Ll5+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwNDA0MDYxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDBiNjg2NTNhZmQ0NTc3MjE2YjgzMTJjY2U3OWZhNzQ4ZmQxMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO1J+7e1gT7TxJ2QcAoh0WQNF8IE
LJRr/i/+owfbZ3/wO6+z6H+ClaHd5zBRiefqf1XYrX2K0xvLoY9OhzR40chNmqfd
k7NxAAqwcmwH5StInaZZheueGyr6C/00vJG06kJVxbbbcpNY9hT+DRR7LB1xiR6z
BRRCuo6tZZI1tVG1BFA21USwLNeSv6WhJsh0a+5vUD30K9tjf7iMMipnunZpascj
uMdw8wRUgMwmw0XsR23KoNsfdtFIjlIZRTjHAu5zJPUrrMRz1HoyTtFvp9Ptgz6E
6AqsaMVz2ygDV3dUqaLYMEG326BvqYpHBDh96tsHPHWlzWQMMuyt1QAM5wIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFFQLaGU6/UV3IWuDEsznn6dI/RONMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvVkF0b1pUcjlSWGNoYTRNU3pPZWZwMGo5RTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAIt
CuwDBAItQrADBAItUmADBAItVOQDBAItmsADBAItnOADBAE/jSQDBABSc9UDBAJc
dtADBAKLHHgDBAC5JP4DBAK53/gDBAC58tkDBAC8d5oDBAHB5DowDAMEAMH+GwME
AMH+HAMEAMIAhQMEAMIAiAMEAMI1RjAMAwQAwnzvAwQAwnzwMAwDBADCfPcDBADC
fPgwDQYJKoZIhvcNAQELBQADggEBADwm8O84QYtotKHeR5awNsZyWpbvQsfgTYPa
bjSvtPuzJdT1eUY/QJkV2Lsw6RiZ4tPgSqtKAZ96KRMxziAnK9C5zdkeaOP5buO9
vD4EJsbJc3SqiMDImu1bkH08MouFb++6/FSXWUKKk4ic8wItsWF5RHpzflhV4GfW
TzyPzZsxQYdEy17RLt4EnuFQxaWtqRHLxKtAGdjvLZcXcQit9LvTTos9o1oXjy7P
us1wlyHxXYcYbyj4BszmCGuxLKQQFrz7p94ZRbssByxJfZqG6yc6roBDjigtJZB4
7I4lKLHb8j/rDJsayD1P5ziWwudq0jhnJvlQKQCLmP/FXBZQP7k=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:28 2023 by rpki-client on console-fra.rpki-client.org